Ga naar hoofdinhoud

MetaMask Profile Sync and privacy

MetaMask allows you to receive notifications and sync data in a privacy-preserving manner across devices, using the “Profile Sync” feature. This means your MetaMask profile—including customized account names, added/imported networks, and other settings—stays consistent across MetaMask Extension. (Profile Sync support for MetaMask Mobile and MetaMask Portfolio is coming soon.)

MetaMask locate profile sync settings

info
  • New Users: Profile Sync is enabled, you can opt-out at any time.
  • Existing Users: You can opt-in under the Security and Privacy settings.
  • All Users: You can opt-out at any time, but doing so will also disable wallet activity notifications and device synchronization.

This article will explain the benefits of Profile Sync, how it works, the privacy safeguards in place, and how you can control or opt out of this feature.

What are the benefits of creating a profile?

Enabling Profile Sync allows you to:

  • Receive notifications about your wallet activity like token updates (staking, buying, swapping, bridging) and product updates.
  • Sync your wallet and associated accounts (originating from the same SRP) across instances to avoid manually adding accounts on multiple devices.
  • Back up your configurations, especially useful when changing or resetting your browser.
  • Automatically restore your accounts that were derived from the same Secret Recovery Phrase, removing the need for manual account restoration.
notitie

Only accounts originating from the same Secret Recovery Phrases will be synchronized. Accounts imported using private keys, JSON, or hardware wallets (using different SRPs) do not sync yet.

How is the profile created?

When you opt-in to a feature that uses a profile, your MetaMask instance generates both a public key and a private key. These keys are derived from your Secret Recovery Phrase, which means that you will have the same profile on other MetaMask instances where you use the same Secret Recovery Phrase.

info

These keys are derived from your Secret Recovery Phrase, meaning they don't threaten your MetaMask security in any way. These keys cannot be used to control your funds or addresses and are unrelated to your assets.

This profile will allow you, e.g., to keep the same notification settings on multiple devices or receive wallet activity notifications on multiple MetaMask instances without having to 'mark as read' on each device.

The private key stays within your MetaMask instance, and the public key is shared with MetaMask servers to provide services that require your profile, such as syncing your user configurations. Your Secret Recovery Phrase is never shared with MetaMask servers.

How does account sync work?

Profile Sync enables wallet notifications and account sync. Account sync ensures that your account names and addresses remain consistent across devices. It lets you easily restore your wallet on a separate device without manually adding accounts or editing configurations that were backed up.

If one device has fewer accounts than another, MetaMask will automatically sync the missing accounts so that you don’t need to manually import them again. For example, if your wallet on Device A has 5 accounts, but the same wallet on Device B has the more updated 7 account version, MetaMask will update Device A automatically to include the 6th and 7th account when you lock/unlock or close/open the extension.

For account names, the most recent update is always prioritized. For example, if you renamed Account 1 to ‘Primary account’ on Device A in October 2024, and then renamed it to ‘Main account’ on Device B in November 2024, the name 'Main account' will be reflected across both Device A and B.

If it’s unclear which account name was updated last, MetaMask will keep the different account names on the different devices. If you don’t see previously edited account names synchronizing, just update the account name again, and it will be reflected across both devices.

When does account syncing happen?

For any two wallet instances where Profile Sync is enabled, account sync occurs when:

  • You lock or unlock the MetaMask extension or mobile app.
  • You close or open the MetaMask extension or mobile app.

This means that if you make changes on Device A (like adding a new account or renaming one), you won't see the changes reflected Device B until you either lock/unlock or close/open MetaMask on Device B.

notitie

Account sync only works across Chrome and Brave browsers. Firefox support will come in later updates.

How does Profile Sync respect my privacy as a MetaMask user?

When using Profile Sync, your settings are synced without compromising the confidentiality of your MetaMask activity. Instead of web2-like architectures, where service providers host user data, we use a privacy-first approach. Your information is encrypted on the client side (i.e., locally, on your device), and the server acts as a storage and relayer of encrypted data. MetaMask, therefore, has zero visibility of which users or addresses are using this service and how.

When you enable wallet activity notifications, MetaMask must store your address on MetaMask servers to track activity on the blockchain and provide you with notifications.

Where and how do you store user configurations?

User configurations are stored on MetaMask servers, encrypted with a specially generated key that only you own and can access. Nobody else can read the configurations.

In this context, MetaMask is merely storage and cannot read who is using the service or the content of the configurations since everything is encrypted on the client side. The encrypted information can be decrypted on another device when the same Secret Recovery Phrase is used.

We are also actively working with the ecosystem to explore opportunities to decentralize the user configuration storage in the future.

Which user configurations do you store?

You control what data is stored by enabling features in settings that use the profile and storage solution. We don’t store, transfer, or backup your private key or Secret Recovery Phrase, both of which are only accessible to you.

How do wallet activity notifications work?

We monitor blockchains for you and send you push notifications when relevant events occur to your addresses, such as receiving tokens, NFTs, or unstaking.

Unlike the user configuration service, which only hosts data encrypted client-side, the notifications service needs to save unencrypted versions of the monitored addresses on the server side.

How can I opt out?

If you prefer not to use profile-related features, you can opt-out at any time. MetaMask will continue to function normally, but you will no longer receive wallet activity notifications or account syncing, as they rely on Profile Sync.

info

To opt out of Profile Sync, go to Settings > Security & Privacy and turn off the “Profile Sync” toggle. Keep in mind that this will also turn off wallet activity notifications and account syncs.

You can opt-in to the functionality anytime by re-enabling “Profile Sync.”